diff options
| author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-08-21 06:48:56 +0000 |
|---|---|---|
| committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-08-21 06:48:56 +0000 |
| commit | eb9bfe8e8247b288f22ac9b06a0798c92ddc42e7 (patch) | |
| tree | f633ee79b2d018dfd02ab658470db38442259b0d /sys | |
| parent | 6b80790b025573ba6f0f13ccf223080d1f6e67d4 (diff) | |
When the outgoing socket has BYPASS set, don't bother calling the
PCB-checking routine.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/ip_spd.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/sys/netinet/ip_spd.c b/sys/netinet/ip_spd.c index 930633021c7..10fe1d151da 100644 --- a/sys/netinet/ip_spd.c +++ b/sys/netinet/ip_spd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_spd.c,v 1.38 2001/08/15 09:50:12 niklas Exp $ */ +/* $OpenBSD: ip_spd.c,v 1.39 2001/08/21 06:48:55 angelos Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) * @@ -327,11 +327,10 @@ ipsp_spd_lookup(struct mbuf *m, int af, int hlen, int *error, int direction, IPSEC_LEVEL_BYPASS) && (inp->inp_seclevel[SL_AUTH] == IPSEC_LEVEL_BYPASS)) { /* Direct match. */ - if (!bcmp(&sdst, &ipo->ipo_dst, sdst.sa.sa_len) || - dignore) { + if (dignore || + !bcmp(&sdst, &ipo->ipo_dst, sdst.sa.sa_len)) { *error = 0; - return ipsp_spd_inp(m, af, hlen, error, - direction, tdbp, inp, ipo); + return NULL; } } |